Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 686
  • Last Modified:

Cannot open Outlook web access 2003 from internet.......500 POINTS

Setup:

Exchange 2003 behind sonic firewall.  Setup exchange security per site below suggestions.

http://www.msexchange.org/tutorials/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html

I have mapped a port through the firewall to the exchange server port 443.

Basically I want users on the internet to be able to get to Outook Web Access via this route:

External IP address and port xxx.xxx.xxx.xxx:xxxx with IE.

The problem I'm having is when I do this I logon but I get the error page cannot be found. My logon is excepted but I do not know how to point the user to the OWA logon page.

Internally I can get there by exchangeserver/exchange in IE.

How do I get the external user to get to the OWA logon page?
0
jscott1979
Asked:
jscott1979
  • 6
  • 4
1 Solution
 
LeeDerbyshireCommented:
What URL are you using externally?  What happens if you try https://xxx.xxx.xxx.xxx/exchange ?  Is that when you get the 'Page Cannot be Found' error.  Since you have only opened port 443, then that means that you can only use https , and since that is the default port for SSL, you don't need to include it on the URL like that.

Also, what is the exact error message that you get?  Does it include a status code, like 404 or 401 or 403 ?
0
 
lwoods56Commented:
If the above adding /exchange fixes your problem, you might want to look at:

http://support.microsoft.com/kb/555053/en-us

If you dont want the users to have to put /exchange for the address.

If you cant get to OWA after putting /exchange, try making a test .asp page and put it in the root of the site to make sure that asp is rendering correctly.
0
 
jscott1979Author Commented:
Adding xxx.xxx.xxx.xxx:xxxx/exchange does not work. I get the "page cannot be found" error. I tried several ways to redirect to the OWA logon page with no success. I'm going to try following the instructions from the link lwoods56 posted tomorrow. Will update after I try that.  
0
Configuration Guide and Best Practices

Read the guide to learn how to orchestrate Data ONTAP, create application-consistent backups and enable fast recovery from NetApp storage snapshots. Version 9.5 also contains performance and scalability enhancements to meet the needs of the largest enterprise environments.

 
jscott1979Author Commented:
I did as instructed by the link lwoods56 posted to find the same error "page cannot be displayed." At the bottom it says "Cannot find server or DNS error."

Let me elaborate a bit more on my configuration:

In the IE address bar I'm typing https://xxx.xxx.xxx.xxx:xxxx where the :xxxx is a port I have mapped through the firewall to arrive at the 443 port on the exchange server. Could that be the problem? I have also tried just http://xxx.xxx.xxx.xxx:xxxx and  /exchange after the :xxxx with no luck.

When I go to the site I get the SSL logon popup, type in my credentials (domain/user and pass) which are excepted but get the "page cannot be displayed" error.

According to the link above by following those instructions I shouldn't get the logon popup I shoud get the OWA logon page but I do not.

Is there any way to reset all the defaults for the default web site so I can start over fresh because I have made quite a few changes.
0
 
lwoods56Commented:
Lets start with getting IIS to display something....

Are you using a private or public certificate for your SSL Server?
If using a private certificate does it prompt you to accept it?

Create a simple HTML file and put it in the root of your IIS Default Site.  Then try to browse to in internally and then externally.  If that works then try a simple ASP Pages.  

You might also want to turn off friendly messages in IE.  Go to Tools -> Internet Options -> Advanced Tab then uncheck the "Show Friendly HTTP Error Messages".  This might give a more helpful error page.
0
 
jscott1979Author Commented:
I'm using a private certificate and yes it does prompt me to accept and when I do I get the logon popup. From there type in my credetials which are excepted then i get the "page cannot be displayed" message.

From internally I can get to the OWA logon by IE https://exchangeserver/exchange with no problem.

From I externally I've tried https://xxx.xxx.xxx.xxx:xxxx/exchange and without exchange to get the "page cannot be displayed".

I unchecked off the "show friendly HTTP error messages" and went through the process again to get the same message "page cannot be displayed"

Some how I'm not being able to resolve the exchange page externally.
0
 
lwoods56Commented:
Here is an article to check all permissions on the Default Website:

http://support.microsoft.com/default.aspx?scid=kb;en-us;327843

Check to see if the following from the bottom of the article is met:

If domain users can log on to Outlook Web Access internally, but they receive a 401 error when they try to connect remotely through a proxy server, confirm that the users are assigned the following rights on the proxy server:
• Log on locally
• Access this computer from the network
0
 
lwoods56Commented:
Disregard the configure proxy server lines.  my apologies.
0
 
lwoods56Commented:
Do you have Forms Based Authentication Enabled?
0
 
jscott1979Author Commented:
Update:

Reset all OWA virtual directories following instructions from this article-

http://www.msexchange.org/tutorials/Fixing-Damaged-Incorrectly-Configured-OWA-2003-Installation.html

It reset everything except my certificate and kept forms based authentication enabled.

Now when I go to
https://xxx.xxx.xxx.xxx:xxxx 
or
https://xxx.xxx.xxx.xxx:xxxx/exchange 
I get redirected to
https://xxx.xxx.xxx.xxx/exchweb/bin/auth/owalogon.asp 

which gives me the same message "page cannot be displayed".

But, I noticed in the URL it droped the port behind the IP so I tried
https://xxx.xxx.xxx.xxx:xxxx/exchweb/bin/auth/owalogon.asp
as the beggining address and it worked. I got to the OWA logon page.

Now what happened next is almost the same thing I logged on to the OWA and recieved my friend the message "page cannot be displayed".
I noticed once again that when I logged on the URL dropped the port and redirected me to
https://xxx.xxx.xxx.xxx/exchange
tried adding the port behind the Ip but it still says "page cannot be displayed'

Am I right to assume that the port mapping is causing me most of my trouble?
But shouldn't addind the port after logging on enable be to see the owa email page?
0
 
lwoods56Commented:
Check out this post, it sounds identical to your issue.  Lets try getting the firewall and OWA listening on the same SSL port:

http://groups.google.com/group/microsoft.public.exchange.connectivity/browse_thread/thread/5ba0e82068917e96/a0c7ac95c09a5562%23a0c7ac95c09a5562
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 6
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now